Mastering computer security requires more than just technical knowledge of software, systems and networks—it demands analytical thinking, a problem-solving mindset, and creative reasoning. These skills are best cultivated through practical challenges and structured problem-solving.
This book presents a collection of questions and problems on a wide range of topics typically taught in introductory computer security courses, including basic concepts and principles, authentication techniques, access control models and methods, network security, software vulnerabilities, and malware.
Topics and features:
- The exercises range in complexity to ensure progressive skill development—from foundational knowledge (e.g., defining and understanding basic security ideas and principles) to more advanced problem-solving (e.g., applying knowledge to analyze a security protocol, synthesizing concepts, making judgments about a design, or creating solutions).
- Each exercise is accompanied by a solution intended to serve as a learning aid and facilitate self-assessment. Some solutions include historical notes and additional references that could be useful to readers who are willing to explore a subject in more depth.
- The problems include practical scenarios and real-world cases, ensuring that readers understand how principles are applied in practice.
- The content is organized into sections and chapters that are mostly self-contained, so readers can explore them in any order.
- The material is flexible and can be adapted for various courses and audiences, allowing instructors and learners to select topics based on their needs.
This unique textbook/reference offers broad appeal: The exercises are intended to complement other learning materials and are tailored to different skill levels, allowing beginners to build a strong foundation while offering advanced challenges to more experienced learners.
Juan Tapiador is Professor of Computer Science at Universidad Carlos III de Madrid, Spain, where he leads the Computer Security (COSEC) Lab. Prior to joining UC3M he worked as Research Associate at the University of York, UK. His work there was funded by the ITA project, a joint effort between the UK Ministry of Defence and US Army Research Lab led by IBM. He holds a Ph.D. (2004) in Computer Science from the University of Granada. His research focuses on computer security, with emphasis on malware, systems and network security, privacy, and Internet measurements. He has co-authored over 100 publications in top-ranked conferences and journals in these areas, receiving more than 7,600 citations according to Google Scholar. Some of his works have received substantial attention by the research community, the industry, and the media. His work on preinstalled Android apps was the recipient of the Best Practical Paper Award at the 41st IEEE Symposium on Security and Privacy, a top security conference. This work also won the annual prizes by the Spanish and French privacy regulators (2019 AEPD Emilio Aced Research Prize and CNIL-INRIA 2019 Privacy Protection Prize), and was covered by national and international media, including The Times, Le Figaro, ZDNet, and The Register. Two of his works on cybercrime forum analyses and click fraud platforms (IMC 2019, COSE 2022) were covered by Wired and El País. His work on how Internet traffic changed due to the COVID-19 waves and national lockdowns, published in IMC 2020, appeared in the July 2021 Research Highlights of the Communications of the ACM magazine. Much of his research activity in the last decade has been done in collaboration with an extense network of international contacts, including researchers from UC Berkeley, NYU, Northeastern, Boston, Stony Brook, Cambridge, Max Planck Institute for Informatics, TU Wien, TU Berlin, Calgary, Chalmers, KU Leuven, Bell Labs, IBM Thomas Watson, and Norton Research. He has supervised 8 PhD students and is currently supervising 4 PhD dissertations. He has served as Associate Editor for Computers & Security, one of the oldest journals in computer security. He has been member of the Program Committee of several top ranked security conferences, including USENIX Security, IMC, NDSS, ESORICS, AsiaCCS, and Euro S&P. He served as Chair of the Research Ethics Committee for the 2023 USENIX Security conference.
